ID CVE-2011-0794
Summary Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 allows local users to affect confidentiality, integrity, and availability, related to File ID SDK. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) sccut.dll or (b) libsc_ut.so in Outside In 8.3.5.x through 8.3.5.5684, as used when using the CAB file identification functionality to parse OneNote (.onepkg) files and other formats.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:fusion_middleware:8.3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:8.3.5.0:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 25-05-2016 - 18:34)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 47437
cert-vn VU#520721
cisco 20111026 Cisco Security Agent Remote Code Execution Vulnerabilities
confirm
secunia 44295
Last major update 25-05-2016 - 18:34
Published 20-04-2011 - 03:14
Last modified 25-05-2016 - 18:34
Back to Top